Resource proposal

Currently enabling or disabling the TPM on a VM is not supported. With Windows 11 requiring a TPM this is causing manual intervention once DSC has completed.

My proposal is to modify VMHyperV to add the ability to enable or disable the TPM utilising the following commands:

• Get-VMSecurity - look up current state
• Enable-VMTPM - to enable the TPM
• Disable-VMTPM - to disable the TPM

Proposed properties

EnableTPM | boolean | Enable Trusted Platform Module for Generation 2 VMs | false | true or false

Special considerations or limitations

Enabling or disabling the TPM can only be done when the VM is powered off